• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

Card Range To Study



Play button


Play button




Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

53 Cards in this Set

  • Front
  • Back
Why do we need corporate governance
to overcome agency problem
Who has marjor control over mgmt?
External auditors
Internal auditors
Credit rating agency
Internal control system
security analyst
Objective of Internal control
1. Financial information reliability
2. Operating efficiency and effectiveness
3. compliance with law
Components of Internal Control (5)
1. control environment
2. assessment of risk
3. control activities
4. information and communication
4. monitoring
Limitations of internal control
1. Mgmt can override
2. segeration can be circumvented by collusion
3. can breakdown due to bad judgement
4. can can not excced benefit
What does Enterprise Risk Mgmt do?
A process designed to identify potential events that may affect the organization and manage risk to be within it's risk appetite and provide resonable assurance regarding achieving objectives
What is Risk Appetite
the amount of risk an organization will accpet to acheive it's objectives
What are the 8 componentes of Risk Mgmt
1. Control environment
2. Objective setting
3. Risk identification
4. Risk assessment
5. Risk respone
6. Control activities
7. Information and communication
8. Monitoring
Individual that monitors internal control within an organization
Must be competent and objective
Inherent Risk
Risk to the organization if managment does nothing to alter it's likelihood or impact
Risidual Risk
The risk of the event after considering mgmt resonse
Risk tolerance
the acceptable variation with respect to achieving a particular objective
Articles of incorporation includes (6)
1. Name and initial address
2. Purpose
3. Power
4. name of registered agent
5. Name and address of incorporators
6. # of authorized shares and types of stocks
By laws includes
1. How are officers elected
2. HOw meetings are conducted
3. Types and duties of officers
4. required meetings
5. process of bylaw amendment
Monitoring devices for mgmt behavior
1. board of directors
2. external auditors
3. internal auditors
4. credit analyst and agencies
5. attorneys
6. IRS
Board of directors are responsible for (10)
1. Mission of the company
2. Selection and removal of CEO
3. Amending by laws
4. Mgmt compensation
5. Declaration and payment of dividend
6. acquisition and cap structure
7. Advising mgmt
8. governance oversight and assisst auditors
9. accurate financial reporting
10. Risk managment
Board of directors must be:
Majority independent
not part of mgmt
Dont receive significant benefits other than compensation
Adequetely trained
have no power to bind the compnay
Business Judgement Rule
Corporate directors may not be held liable for errors in judgement providing the director acted in good faith, loyalty and due care
what is duty of loyalty
puttling corporate interest before personal when offered any opportunities
Who is an Inside directors
If a director also is an employee or a major shareholder
Dodd-Frank act of 2010 says:
Must disclose why chairman of the board of not CEO
All members of compensation committee and audit committee must be independent
Committees of the board
Corporate governance
Audit Committee
Compensation Committee
The nominating/Corp. governance committee does what?
1. Oversees boards organization including assignments
2. Determines director qualification training
3. Develops corp. governance principals
4. Oversee CEO succession
Function of Audit Committee
1. appointment, compensation and ovesight of external auditor
2. resolution of disagreement between auditor and management
Financial expert must do:
1. Understand GAAP and Fin Statement
2. Experienced in preparing and analysing and evaluation of Fin Statement
3. Understand Internal Control
4. Understand procerdue of Fin. Reporting
5. understand audit committee function
Per Section 302 of SOX: Financial Officer responsible for
1. Maintain internal control
2. Disclose all significant interal control deficiencies to the compnay's auditor and audit committee
Compensation Commitee
1. All members must be independant
2. Review adn aprpove CEO compensation
3. Makes recommendation to board with respect to incentive and equity based compensation
4. attempt to align incentive with shareholder objective and risk appetite
Director are not independant if:
1. has been an employee in the last 5 years (3 years for NASDAQ)
2. If family memnber is an officer in the last 5 eyars
3. If were external auditor in the last 5 eyars
4. Receives >$120K
5. Receives significant revenue from the corporation
Types of Internal audit services
1. Assurance
2. Consulting
Types of Internal Audit Standards
1. Attribute Standards - related to characteristics of audit
2. Performance Standards - Quality of Internal Audit activities
External Auditors duties includes
Audit in accordance of PCAOB

Assures Fin Stmt are accurate

Mgmt not engaging in fraud
Mgmt Responsibilities per SOX 404
1. Establish adequest internal control over financial reporting
2. Assessment over effectiveness of Internal Control
3. External auditors to attests to mgmt's report
What are significant audit finding
1. Auditors view on qualitative aspect of significant accounting practices

2. Significant difficulties encountered during audit

3. disagreement with management

4. Other finding that are significant and relevent

5. uncorrected material misstatements
What are the SEC divisions?
1. Division of cor finance

2. Division of enforcement

3. Office of the chief accountant
SEC division of Cor Finance does what?
1. Review document filed by companies

2. Checks to see if compnaies are meeting disclosure requirements

3. Seeks to improve quality of disclusures
SOX 906 requirement of Corp govornance
Requires CEO and CFO to clarify accurance and thuthfullness of periodic financial reports filed with SEC
Common Shareholder's Right
1. Right to vote in election of directors
2. Right to vote in decision to disolve the corporation
3. Other fundamental changes in corporation
4. Right to inspect books and records
What are the 7 control environment components (ICHAMBO)
1. Integrity and Eithcal values
2. Committments to competance
3. Human resource policies
4. Assignment of responsibilities
5. Management philosophay and style
6. Board of director or audit committee
7. Organizational structure
Control Activities include
1. Performance Review
2. Information processing control
a. General control
b. application control
i. Input control
ii. Processign control
iii. output control
c. Physical control
d. Segregation of duty
What is application control?
1. Input control
2. Porcessing control
3. Output control
Segregation of Duty
Different people are responsible for:
1. authorizing transaction
2. Recording transaction
3. Maintaining custody of assets
Effective information and communication must be
1. identify and record all valid transactions
2. describe trans. timely
3. measure value of transaction
4. Record in the proper period
5. Properly present and disclose
6. comminicate responsibilities to employees
Internal Controls fail because
1. not designed or implemented properly
2. change in environment make it ineffective
3. the way control operates may change
Interal control change control continuum
1. Control baseline
2. change identification
3. change management
4. congtrol revalidation/update
Interal Control change management
1. Change request
2. Change analysis
3. Chagne decision
4. Change planning, implementation and tracking
Characteristics of key controsl
1. the failure could materially effect areas objective other controsl would not be expected to detect failure timely

2. their operating may prevent or detect other failure b/f they hadn and opportunity to become material to organization's objectives
SOS 404 requirements around Internal Control
1. Statements of mgmt's responsiblity of establishing Internal Control
2. Framework used by mgmt to assess effectiveness of Interal Control
3. Internal Control over Financial Statements
4. Auditors attestation on mgmt's report
What does ERM (enterprise risk management) do?
1. align risk appetite with strategy
2. enhance risk response
3. Reduces operational surpises and losses
4. Identifies and manages cross enterprise risk
5. Provide integrated response to multiple risk
6. help seize opportuntiy
7. Improve deployment of capital
Risk/Event identification techniques
1. Event inventory
2. Internal analysis
3. Escalation of threshold trigger
4. Facilitated workshop
5. process flow analysis
6. Leading event indicator
7. Loss events data methodologies
Risk assesment methods
Probabilistic model: range and events and their resulting impact with the likelihood of those events base of certain assumption. i.e. Value at risk, Cash flow risk, earnings risk
Nonprobabilistic Model
uses subjective assumptions in estimating ther impact of event without quantifying an assoicated likelihood
1. sensivitiy mesaure
2. stress test
3. scenarios ananlysis
4 types of Risk Responses
1. Avoidance - exit activity
2. Recuction - reduce impact
3. Sharing - hedging, outsourcing
4. Acceptance - doing nothing
Limitations of ERM
1. Risk relates to uncertain future
2. Provides risk related to objectives but cant' assure that objectives will be achieved
3. cant' assure about objective categoreis
4. Subject to mgmt's override